Politico and The Hill on October 5 reported that the IRS had awarded Equifax a sole source $j7.25 million contract “to verify taxpayer identity and to assist in ongoing identity verification and validations needs of the Service.” Naturally, this raised question from all quarters in the wake of the massive data breach suffered by Equifax. It may seem odd when the basic principle of federal procurement is “full and open competition” [48 CFR 6.101] for the IRS to give a sole source contract to Equifax when there are obviously other companies that could also perform the service.

To unravel this situation, we must understand the Government Accountability Office (GAO) bid protest process and the laws and regulations involved. The federal procurement process has a long history of mechanisms to allow disappointed bidders to challenge the government’s procurement actions. Federal procurement regulations (known as the FAR and found at 48 CFR Chapter 1) provide for what is called an agency level protest (48 CFR 33.103) that requires the agency to consider protests presented to the agency. A more formal protest option is to file a protest with GAO. [31 US Code 3552] The other option for protestors is to file an action at the US Court of Federal Claims. [28 US Code 1491(b)(1)]

If the agency receives notice of the protest from GAO in a short, prescribed time, the agency must direct the awarded contractor to not proceed with the performance of the new contract. When this stay of performance is in place, it is common practice for the agency to award a “bridge contract” (essentially an extension of the existing contract) to the incumbent contractor, which is often also the protestor. This is a good way for the losing incumbent contractor to get a few more months of work from the agency. But it also makes it easier for the agency to deal with a successful protest.

In this case, on July 7, 2017, Equifax Information Services, LLC filed a bid protest with GAO against an award by the IRS to an as yet unidentified contractor. [Solicitation TIRNO-17-Q-00047; File Number: B-414907.1] Apparently, the protest was filed within the time limit that required suspension of performance of the new contract. Equifax must have been the incumbent contractor. So the IRS basically extended Equifax as the contractor during the pending protest. This was the $7.25 million contract the news reports are referring to. The IRS justified this sole source award as follows: “A sole source order is required to cover the timeframe needed to resolve the protest on contract TIRNO-17-Z-00024. This is considered a critical service that cannot lapse.”

The IRS Commissioner claimed that “the only alternative” to doing business with Equifax was “to shut down all online access to taxpayer accounts.” This got the attention of GAO, which pointed out that the IRS could have proceeded with the newly awarded contract if the Commissioner had determined in writing “that urgent and compelling circumstances which significantly affect interests of the United States will not permit waiting for the decision of the Comptroller General.” [31 US Code 3553(c)(2)] While this provision and the GAO statement did nothing to make the IRS look good, this statutory authority was probably not useful in this case.

Switching contractors for any major program usually takes weeks if not months to turn over the program to the new contractor, a process which requires the participation of the prior contractor. In this case, it is likely that the agency has no certainty that the protest will be rejected which might require redoing the procurement. Even if the protest is rejected by GAO, Equifax would still have the option of a protest at the US Court of Federal Claims. Even if the Court of Federal Claims rejected the protest, that could be appealed to the US Court of Appeal for the Federal Circuit and even to the Supreme Court. This “bridge contract” that was awarded to Equifax was probably for three to six months. If that contract for that period was worth over $7 million, it should be obvious that Equifax has a financial interest in extending the contract as long as possible.

If Equifax takes that route, at some point after completion of the GAO protest process, IRS would most likely obtain court approval to move forward with the awarded contract even in the midst of appeals. In any event, it appears that the IRS suffered from a common and long standing federal agency problem, trying to successfully explain a complicated situation to Congress.

As of December 2016, the IT distributor Ingram Micro is now part of fast-growing $30 billion Chinese conglomerate, HNA Group. A large number of small businesses doing business with the federal government, especially those participating in one or more GWACs, might be concerned with this change of ownership of a vendor that they may be using.

When we think of foreign vendors, what comes to mind first is the Buy American Act (BAA). However, the BAA does not address the ownership of companies but the country of origin of the products involved. Also trade agreements and various bilateral agreements carve out many exceptions to the BAA. To further compound the complexity, the rules to determine country of origin are themselves extremely complex. So the fact that Ingram Micro is now owned by a Chinese company does not answer or necessarily raise any concerns about the BAA. Those concerns have to be addressed on a case by case basis for each product, and more importantly for each end item delivered to the government.

One area where foreign ownership is an issue is review by the Committee on Foreign Investment in the United Stated (CFIUS). [50 US Code 4565] CFIUS is an federal inter-agency committee that reviews, for national security concerns, transactions that could result in control of a U.S. business by a foreign entity. If CFIUS determines that a covered transaction is detrimental to national security, the President can suspend or block the transaction. Not every foreign acquisition is reviewed by CFIUS. Of course, if there is no CFIUS review, the government could come along later and undo the transaction. In this case there was a CFIUS review and the transaction to acquire Ingram Micro was not blocked.

Another area where foreign ownership comes into play is in the performance of government contracts that require access to classified information. For a defense contractor to have possession of classified information, it must have a “Facility Security Clearance” (FCL). To obtain the FCL, one of the critical factors (in addition to appropriate physical security and access by cleared personnel) is the potential for “Foreign Ownership, Control or Influence” (FOCI). Except in rare cases where the foreign ownership involved is from a country with bilateral security agreements, obtaining an FCL when dealing with the FOCI usually means setting up complicated corporate management arrangements that insulate the US-based management from control by the foreign owner. When the foreign owner is from a country with a history of espionage against the United States, I would think the likelihood of resolving the FOCI and obtaining an FCL is remote or impossible.

So my best guess is that Ingram Micro would be unlikely to get or keep any FCL at this point. However, that may not be important or relevant since my understanding is that as a distributor, Ingram Micro probably deals exclusively with commercial products and would have no need itself for an FCL. While the Ingram Micro situation may seem to raise a unique issue with any prime contractors operating under an FCL, in no case should vendor without an FCL or vendor personnel without a personnel security clearance have access to classified information in the prime contractor’s possession.

Bottom line? Small businesses with federal contracts using Micro Ingram as a supplier should not have an issue with the change of ownership. Of course, the handling of classified information should be managed properly with this and every other vendor.

I have always limited posting here to government contracting issues. I am about to violate that self-imposed limitation, doing it on a subject about which I am definitely not an expert. That is probably dangerous thing to do in the blogosphere, but taking a risk now and then keeps life interesting. These ruminations are prompted by an article in Vox.com about the legality of the Berghdahl prisoner swap, today’s satire from Borowitz, and my pondering whether there was any possible way President Obama could complete his 2008 pledge to shut down Guantanamo. And now, in a spasm of synchronicity, President Obama has launched today another effort to close Guantanamo; however, the President’s proposal would require congressional approval and we know how likely that is to happen in an election year. I’m thinking about a way to close Guantanamo down without congressional approval. So here goes, my flagrantly Machiavellian, blatantly textualist way to get this done. Read the rest of this entry »

In a recent episode of the epic legal soap opera, Suits, an Assistant DA and the show’s protagonist reached an oral agreement that the Assistant DA later reneged on. This reminded me of the general proposition in the world of government contracts that, to coin a phrase, oral agreements are worth the paper they’re written on. A few years back, my opposition in a bid protest ran into this truism. Read the rest of this entry »

When a bidder in a government real estate property auction feels in some way the victim of unfair or improper treatment by the government is there a remedy available? And by remedy, I mean some formal process that will subject the government agency’s action to an independent review. If you ask the General Services Administration (the seller of most surplus federal property), they will say there is no remedy. But in my view, that is not quite the case. Read the rest of this entry »

So I’m rummaging through emails and come across a notice of a FAR update and see something called a “Small Entity Compliance Guide.” “Great,” I thought, “finally someone is trying to get information to small businesses about what they need to do to comply with the various government contracting regulations that get dumped on them from time to time.” Then I kept looking and, much to my dismay, what should appear but the Federal Acquisition Circular that has been published yea these many years with a new title. What a disappointment. Of course, it is entirely understandable. Congress comes along with the ‘‘Small Business and Work Opportunity Act of 2007’’ (buried in the ‘‘U.S. Troop Readiness, Veterans’ Care, Katrina Recovery, and Iraq Accountability Appropriations Act, 2007’’), without of course increasing any manpower or funding to do any of this. So what can one expect of an already overstretched agency but to morph something already being done into something that meets the letter of the congressional mandate without actually doing any additional work (other than pasting a new title on the Federal Register notice). Still, I was disappointed. A Small Entity Compliance Guide is a great idea. I hope one day soon we will see one that actually helps a small business. Until then we’ll just keep searching the internet.

Your business can’t even bid on a federal government contract without registration with the “System for Award Management.” This registration can be done entirely on-line at sam.gov and anyone could do it (well, with minimal computer skills).
That said, I have been surprised, but probably shouldn’t be, that businesses wanting to get into the federal contracting world choose not to do it themselves. There a lot of companies out there that will sell you help with this registration bundled with a lot of marketing services. I have friends with government contract marketing companies and I know they do good work, but it can get pricey for a start-up.
Having done a number of these in the last few months, I have decided that I and my office manager should offer this service as a standalone product for a fixed price. If you are interested, feel free to contact me at jvanhorne@vanhornelaw.com for pricing and more information on the process.

Usual Lawerly CYA Notice

The use of any content provided in this blog will not create an attorney-client relationship between us. Content is provided solely for informational purposes: it is not intended as and does not constitute legal advice. The information contained herein should not be relied upon or used as a substitute for consultation with legal, accounting, tax, career and/or other professional advisors.